‘Lizard Squad’ Member Reveals His Face in a TV Interview

Yup, exactly as everyone in the world predicted. A 16-year-old snot-nosed kid with access to a botnet. Yahoo News recently reported that these kids claim to have access to backbone routers and undersea cables. This is how stupid people are treating this.
 
As far as the DDoS attacks go, why would you allow Chinese IP addresses or non-US IP addresses to connect to US servers? Maybe I'm just oversimplifying the issue but given that most DDoS occur from outside the U.S., why not block them?
 
I don't support the hack, it was annoying as fuck. Are they wrong though? Should 3 people with only moderate effort be able to take down a multi-billion dollar company's multi-million person network?
 
They will ID this kid, and then his associations / relations and put 'em all in the slammer.

The end.
 
As far as the DDoS attacks go, why would you allow Chinese IP addresses or non-US IP addresses to connect to US servers? Maybe I'm just oversimplifying the issue but given that most DDoS occur from outside the U.S., why not block them?
Some people use VPNs and Tor to connect to a network, so you need to keep access open to all. Also there will be plenty of legitimate Chinese owners of PlayStations and Xboxes.

And looking at your request there - "Chinese or foreign" means you also want to ban them dodgy Canadians, Europeans and Antipodeans too?


What is true though is that any decent System Admin who sees a flood of data coming from a DDoS should already have a toolkit in place ready to deal with that. You can't tell me that this is the first time it has happened? It is certainly noticeable that Microsoft, who also sells server software, managed to deal with this quicker than Sony who also sell TVs.

What amazes me is that this DDoS was so successful at Sony, the company who has just had their Film distribution side hammered by a real embarrassing hack.
 
I don't support the hack, it was annoying as fuck. Are they wrong though? Should 3 people with only moderate effort be able to take down a multi-billion dollar company's multi-million person network?


You can't call it a hack until it's otherwise proved. As far as everyone knows it was simply a massive DDoS attack. This doesn't validate anything by 3 kids other than having too much time and money on their hands. It has been known for 20 years that DDoS is a problem that cannot be stopped. It's how TCP/IP functions at the network stack level. NOTHING can stop it unless a complete rewrite of the networking stack happens. You're talking a Multi-Trillion dollar venture getting that to happen.
 
Some people use VPNs and Tor to connect to a network, so you need to keep access open to all. Also there will be plenty of legitimate Chinese owners of PlayStations and Xboxes.

And looking at your request there - "Chinese or foreign" means you also want to ban them dodgy Canadians, Europeans and Antipodeans too?


What is true though is that any decent System Admin who sees a flood of data coming from a DDoS should already have a toolkit in place ready to deal with that. You can't tell me that this is the first time it has happened? It is certainly noticeable that Microsoft, who also sells server software, managed to deal with this quicker than Sony who also sell TVs.

What amazes me is that this DDoS was so successful at Sony, the company who has just had their Film distribution side hammered by a real embarrassing hack.

By the time a DDOS has reached a sysadmin, the game's already over and nothing can be done.

A system admin would do nothing in a DDOS. It is all Net ENG and upstream peers.
 
I think we're all missing the most important part of that entire interview!

Didn't anyone see the girl at the end saying "We couldn't even plug it in or turn it on?"

I laughed a lot...they didn't even unbox it because the PSN was down? Give me a break.
 
I think we're all missing the most important part of that entire interview!

Didn't anyone see the girl at the end saying "We couldn't even plug it in or turn it on?"

I laughed a lot...they didn't even unbox it because the PSN was down? Give me a break.

You do realize that when you first open/power on these "consoles" they require a shit load of updates to even be able to function right?
 
Why does anyone in here care that the public calls them "hackers" ?

The public will simply see this as a "hack" and label them as such, those who want to know what they really are will do a quick search and find out the truth. DDOS, Script-kiddie and to a lesser extent rented bot-net attacks don't play well in the media. Are some people actually offended by these kids being called hackers?? FFS...

The kid made a few good points. The boatloads of money these companies make should allow them to protect against real intrusions of security (like the recent Sony Studios incident) and DDOS alike. In the end no one was hurt, maybe butthurt though. I bet no one will learn any lessons from this either. That goes for Sony, MS and both kiddie squads.

As for the girl at the end....just wow. Single player Campaign while you wait much? Again I bet many did the same thing cause the public masses thought the "hacks" just shut their consoles down while in the box.
 
1. If that wasn't a rendered face then that kid is hosed.

2. The "security expert" they interviewed is less qualified than that kid that did the hack in the first place.

3. The person in this thread who mentioned Location based IP filtering for traffic is 100% on the ball. FIX it that way. The problem you will have is the checking is additional overhead on the network. If a company isn't willing to invest in the tech to stop this type of attack or at least mitigate it then yes you will have issues.

By simply having geo specific connection centers with a linked backbone that you control then limiting the connection centers to accepting connections only from sites within their geo region you will greatly mitigate the attack, or at least thin it out enough to actually mitigate the impact of the DDOS attack.

The problem with a DDOS type attack is that it is a dumb attack. Meaning any resource spent to mitigate the attack is seen as a win for the attacker. Because if it takes a resource to stop the connection then it takes MORE resources to stop more connections. The trick is to stop the connections en masse. That is where location specific connection allows can help. HOW you are checking and if the filtering is done statefully will be very important. As well as the memory space on the device for the stateful filter.

Even from an attack from vulnerable systems in your region you could statefully filter these as well.

If you look at the word stateful and don't know what I mean then go look up a stateful firewall. What it means. In short you build the list and keep it resident as long as there are false or junk connections from that IP or IP range. Then as the attacks die down the state for these IPs auto expires. And so on. While you may deny some real users with this method (if you do IP ranges.) you are less likely to deny large swaths of users in this method.
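
An added illustration (not code from the thread or from any poster) of the expiring per-range state the post above describes: a range stays blocked while junk connections keep arriving and ages out once they stop. The class name, threshold, TTL, /24 grouping and table cap are assumptions, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress
from collections import OrderedDict

class ExpiringBlocklist:
    """Block an IP range while it keeps sending junk; state ages out when it stops."""

    def __init__(self, threshold=3, ttl=60.0, max_entries=4, prefix_len=24):
        self.threshold = threshold      # junk connections before a range is blocked
        self.ttl = ttl                  # seconds of quiet before the state expires
        self.max_entries = max_entries  # bound on state-table memory
        self.prefix_len = prefix_len    # granularity of the "IP range"
        self.table = OrderedDict()      # range -> [junk_count, last_junk_time]

    def _range(self, ip):
        return ipaddress.ip_network(f"{ip}/{self.prefix_len}", strict=False)

    def _expire(self, now):
        stale = [n for n, (_, last) in self.table.items() if now - last > self.ttl]
        for net in stale:
            del self.table[net]

    def report_junk(self, ip, now):
        """Record a false/junk connection, e.g. a handshake that never completed."""
        self._expire(now)
        net = self._range(ip)
        count = self.table.pop(net, [0, now])[0] + 1
        self.table[net] = [count, now]          # re-insert as most recently active
        while len(self.table) > self.max_entries:
            self.table.popitem(last=False)      # evict least recently active range

    def is_blocked(self, ip, now):
        self._expire(now)
        entry = self.table.get(self._range(ip))
        return entry is not None and entry[0] >= self.threshold

def demo():
    # Constructed events: (seconds, source IP).
    bl = ExpiringBlocklist()
    for t, ip in [(0, "203.0.113.5"), (1, "203.0.113.9"), (2, "203.0.113.77")]:
        bl.report_junk(ip, t)
    return {
        "attacker_range": bl.is_blocked("203.0.113.5", 3),
        "neighbour_in_range": bl.is_blocked("203.0.113.200", 3),  # collateral user
        "other_range": bl.is_blocked("198.51.100.7", 3),
        "after_quiet": bl.is_blocked("203.0.113.5", 2 + 61),      # TTL has passed
    }
```

The `max_entries` cap is the memory limit the post mentions: once sources outnumber the table, the oldest state is evicted and that range is no longer filtered.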
 
You can't call it a hack until it's otherwise proved. As far as everyone knows it was simply a massive DDoS attack. This doesn't validate anything by 3 kids other than having too much time and money on their hands. It has been known for 20 years that DDoS is a problem that cannot be stopped. It's how TCP/IP functions at the network stack level. NOTHING can stop it unless a complete rewrite of the networking stack happens. You're talking a Multi-Trillion dollar venture getting that to happen.

Yes and no. There are ways to mitigate the attack with some intelligent routing of incoming connections BEFORE you even accept the connection to wait for a conversation to begin. I.e., if it is from CHINA then redirect to your APAC center. If it is from Canada direct to North America and so on. If a connection is coming direct to Center A but should go to B deny the connection and move on. The fewer cycles expended on that (or moved to a device for that task specifically), the less impact you will have from a DDOS type attack.

Can a DDOS be prevented 100%? No. Of course not. The impact WILL be somewhere. But WHERE that impact actually hits is what is important.
 
Yup, exactly as everyone in the world predicted. A 16-year-old snot-nosed kid with access to a botnet. Yahoo News recently reported that these kids claim to have access to backbone routers and undersea cables. This is how stupid people are treating this.

1.2TB they apparently had access to, they also had rooted a couple of Google's own servers.

Prolexic, now Akamai is the largest DDoS protection there is, and they just hit 2TB total scrubbing capabilities, WORLD WIDE.

As far as the DDoS attacks go, why would you allow Chinese IP addresses or non-US IP addresses to connect to US servers? Maybe I'm just oversimplifying the issue but given that most DDoS occur from outside the U.S., why not block them?

GEO-IP Filtering will not stop a DDoS attack, it is a temp solution that will last about 5 mins, all the attackers / botnet will do is shift to zombies in X country.

By the time a DDOS has reached a sysadmin, the game's already over and nothing can be done.

A system admin would do nothing in a DDOS. It is all Net ENG and upstream peers.

True, little you can do, pending on size. I have kept off up to 60mbps / 900k mpps DDoS attacks just by using synstate in pfSense on TCP rules, I also block (not drop) all UDP as we do not need it.

3. The person in this thread who mentioned Location based IP filtering for traffic is 100% on the ball. FIX it that way. The problem you will have is the checking is additional overhead on the network. If a company isn't willing to invest in the tech to stop this type of attack or at least mitigate it then yes you will have issues.

By simply having geo specific connection centers with a linked backbone that you control then limiting the connection centers to accepting connections only from sites within their geo region you will greatly mitigate the attack, or at least thin it out enough to actually mitigate the impact of the DDOS attack.

The problem with a DDOS type attack is that it is a dumb attack. Meaning any resource spent to mitigate the attack is seen as a win for the attacker. Because if it takes a resource to stop the connection then it takes MORE resources to stop more connections. The trick is to stop the connections en masse. That is where location specific connection allows can help. HOW you are checking and if the filtering is done statefully will be very important. As well as the memory space on the device for the stateful filter.

Even from an attack from vulnerable systems in your region you could statefully filter these as well.

If you look at the word stateful and don't know what I mean then go look up a stateful firewall. What it means. In short you build the list and keep it resident as long as there are false or junk connections from that IP or IP range. Then as the attacks die down the state for these IPs auto expires. And so on. While you may deny some real users with this method (if you do IP ranges.) you are less likely to deny large swaths of users in this method.

The issue is most DDoS attacks are pure numbers, packets per second or Gigs in bandwidth, stateful or not won't matter, they simply flood your system. My pfSense box is an overkill quad xeon and 16Gig of memory with only a 1Gig link to the ISP, I can in theory handle 1.6million sessions / 800k states, I hit 900k once with around 42Mb/s bandwidth usage and my ISP went down before my pfSense box did.

Geo-IP isn't a fix, sure a quick band-aid, and in the end won't help with these attacks because the attacks have bots in every region anyways and will just go around it. Also with how inaccurate IPv4 is you can kill out a lot of legit connections with GeoIP filtering.

Yes and no. There are ways to mitigate the attack with some intelligent routing of incoming connections BEFORE you even accept the connection to wait for a conversation to begin. I.e., if it is from CHINA then redirect to your APAC center. If it is from Canada direct to North America and so on. If a connection is coming direct to Center A but should go to B deny the connection and move on. The fewer cycles expended on that (or moved to a device for that task specifically), the less impact you will have from a DDOS type attack.

Can a DDOS be prevented 100%? No. Of course not. The impact WILL be somewhere. But WHERE that impact actually hits is what is important.

So then what happens if Center A has gone down and you're using Geo-IP redundancy so now people who should go to A, and fail over to B are screwed.

Sony and MS should already have massive DDoS mitigation in place either from Prolexic / Akamai or Google's own DDoS services they are testing. The fact they can be taken down for this long either shows as Lizard wanted to that they spend no money on I.T, or even these groups are overwhelming the world's largest DDoS mitigation companies as well or even just the ISPs hosting the services.

Until you experience a DDoS Attack you can say to do a lot of things, but then try them, and see how quickly most of it fails within your own network, this is why you have to get 3rd party help that handles DDoS attacks for a living.
 
Did I hear that right, it's only 3-4 people? Both Blizzard and Steam were hit by their attacks and were able to recover fairly quickly. Blizzard mostly dealt with higher latency, compared to PSN and Xbox Live going down for an entire day.

You really have to laugh at Microsoft's and Sony's security. And people trust MS with the cloud? LOL!
 